forum.opennet.ru

Составление сообщения

Исходное сообщение

"Инженерное решение..."
Отправлено mr_gfd, 28-Май-09 13:32

Сливать нетфлоу с mpd5
[12:28][dubolom][/home/mike]#cat /usr/local/etc/mpd5/mpd.conf
startup:
        set global enable tcp-wrapper
        set user admin parol admin
        set console self 127.0.0.1 5005
        set console open
        #set web self 0.0.0.0 5006
        #set web open
        #set ippool add pool1 10.15.0.1 10.15.4.1
        set netflow peer 172.16.0.128 9997
        set netflow self 172.16.0.128 9996
        set netflow hook 9000
        set netflow timeouts 60 120
default:
        load pptp_server
        load pppoe_server
pptp_server:
        create bundle template B_pptp
        set iface idle 0
        set iface enable tcpmssfix proxy-arp netflow-in netflow-out
        set ipcp no vjcomp
        set iface up-script   "/usr/abills/libexec/linkupdown mpd up"
        set iface down-script "/usr/abills/libexec/linkupdown mpd down"
        set ipcp ranges 172.16.0.128 ippool pool1
        set ipcp dns 172.16.0.1
        # The five lines below enable Microsoft Point-to-Point encryption
        # (MPPE) using the ng_mppc(8) netgraph node type.
        set bundle enable compression
        set ccp yes mppc
        set mppc yes e40
        set mppc yes e128
        set mppc yes stateless
        create link template L_pptp pptp
        set link action bundle B_pptp
        set pptp disable windowing
        # Multilink adds some overhead, but gives full 1500 MTU.
        set link enable multilink
        set link yes acfcomp protocomp
        set link no pap chap
        set link enable chap
        set link keep-alive 10 60
        # We reducing link mtu to avoid GRE packet fragmentation
        set link mtu 1460
        load server_common
pppoe_server:
        create bundle template B_pppoe
        set iface idle 0
        set iface enable tcpmssfix proxy-arp netflow-in netflow-out
        set ipcp no vjcomp
        set iface up-script "/usr/local/etc/mpd5/mpd-script.pl up"
        set iface down-script "/usr/local/etc/mpd5/mpd-script.pl down"
        set ipcp ranges 172.16.0.128 ippool pool1
        set ipcp dns 172.16.0.1
        # The five lines below enable Microsoft Point-to-Point encryption
        # (MPPE) using the ng_mppc(8) netgraph node type.
        set bundle enable compression
        set ccp yes mppc
        set mppc yes e40
        set mppc yes e128
        set mppc yes stateless
        create link template L_pppoe pppoe
        set link action bundle B_pppoe
        set pppoe acname "bras1"
        set pppoe iface le0
        set pppoe service "*"
        load server_common
server_common:
        set link no pap eap
        set link yes chap-md5
        set link keep-alive 20 60
        set link mtu 1492
        set link enable incoming
        set link no acfcomp protocomp
        set auth acct-update 60
        set auth timeout 21
        set auth disable internal
        load radius
radius:
        set radius config /etc/radius.conf
        set auth acct-update 60
        set radius retries 3
        set auth enable radius-auth
        set auth disable internal
        set auth enable radius-acct
        set auth disable internal

[12:28][dubolom][/home/mike]#cat /etc/rc.conf
hostname="dubolom.local"
ifconfig_le0="DHCP"
keyrate="fast"
[some text skipped]
mpd_enable="YES"
flow_capture_enable="YES"
flow_capture_datadir="/usr/abills/var/log/ipn/"
flow_capture_port="9997"
flow_capture_flags="-S 5 -n 1300 -N 0 -d 5"
# /etc/crontab - root's crontab for FreeBSD
#
# $FreeBSD: src/etc/crontab,v 1.32.32.1 2008/11/25 02:59:29 kensmith Exp $
#
SHELL=/bin/sh
PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin
HOME=/var/log
[some text skipped]
*       *       *       *       *       root    /usr/abills/libexec/traffic2sql 1 flowdir=/usr/abills/var/log/ipn

Исходное сообщение
"Инженерное решение..." Отправлено mr_gfd, 28-Май-09 13:32
Сливать нетфлоу с mpd5 [12:28][dubolom][/home/mike]#cat /usr/local/etc/mpd5/mpd.conf startup: set global enable tcp-wrapper set user admin parol admin set console self 127.0.0.1 5005 set console open #set web self 0.0.0.0 5006 #set web open #set ippool add pool1 10.15.0.1 10.15.4.1 set netflow peer 172.16.0.128 9997 set netflow self 172.16.0.128 9996 set netflow hook 9000 set netflow timeouts 60 120 default: load pptp_server load pppoe_server pptp_server: create bundle template B_pptp set iface idle 0 set iface enable tcpmssfix proxy-arp netflow-in netflow-out set ipcp no vjcomp set iface up-script "/usr/abills/libexec/linkupdown mpd up" set iface down-script "/usr/abills/libexec/linkupdown mpd down" set ipcp ranges 172.16.0.128 ippool pool1 set ipcp dns 172.16.0.1 # The five lines below enable Microsoft Point-to-Point encryption # (MPPE) using the ng_mppc(8) netgraph node type. set bundle enable compression set ccp yes mppc set mppc yes e40 set mppc yes e128 set mppc yes stateless create link template L_pptp pptp set link action bundle B_pptp set pptp disable windowing # Multilink adds some overhead, but gives full 1500 MTU. set link enable multilink set link yes acfcomp protocomp set link no pap chap set link enable chap set link keep-alive 10 60 # We reducing link mtu to avoid GRE packet fragmentation set link mtu 1460 load server_common pppoe_server: create bundle template B_pppoe set iface idle 0 set iface enable tcpmssfix proxy-arp netflow-in netflow-out set ipcp no vjcomp set iface up-script "/usr/local/etc/mpd5/mpd-script.pl up" set iface down-script "/usr/local/etc/mpd5/mpd-script.pl down" set ipcp ranges 172.16.0.128 ippool pool1 set ipcp dns 172.16.0.1 # The five lines below enable Microsoft Point-to-Point encryption # (MPPE) using the ng_mppc(8) netgraph node type. set bundle enable compression set ccp yes mppc set mppc yes e40 set mppc yes e128 set mppc yes stateless create link template L_pppoe pppoe set link action bundle B_pppoe set pppoe acname "bras1" set pppoe iface le0 set pppoe service "" load server_common server_common: set link no pap eap set link yes chap-md5 set link keep-alive 20 60 set link mtu 1492 set link enable incoming set link no acfcomp protocomp set auth acct-update 60 set auth timeout 21 set auth disable internal load radius radius: set radius config /etc/radius.conf set auth acct-update 60 set radius retries 3 set auth enable radius-auth set auth disable internal set auth enable radius-acct set auth disable internal [12:28][dubolom][/home/mike]#cat /etc/rc.conf hostname="dubolom.local" ifconfig_le0="DHCP" keyrate="fast" [some text skipped] mpd_enable="YES" flow_capture_enable="YES" flow_capture_datadir="/usr/abills/var/log/ipn/" flow_capture_port="9997" flow_capture_flags="-S 5 -n 1300 -N 0 -d 5" # /etc/crontab - root's crontab for FreeBSD # # $FreeBSD: src/etc/crontab,v 1.32.32.1 2008/11/25 02:59:29 kensmith Exp $ # SHELL=/bin/sh PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin HOME=/var/log [some text skipped] * * * * root /usr/abills/libexec/traffic2sql 1 flowdir=/usr/abills/var/log/ipn

Ваше сообщение

Имя*:

EMail:

Для отправки новых сообщений в текущей нити на email укажите знак ! перед адресом, например, !user@host.ru (!! - не показывать email).
Более тонкая настройка отправки ответов производится в профиле зарегистрированного участника форума.

Заголовок*:

Сообщение*:

> Сливать нетфлоу с mpd5

> [12:28][dubolom][/home/mike]#cat /usr/local/etc/mpd5/mpd.conf 
> startup: 
>         set global enable tcp-wrapper 
 
>         set user admin parol 
> admin 
>         set console self 127.0.0.1 
> 5005 
>         set console open 
>         #set web self 0.0.0.0 
> 5006 
>         #set web open 
>         #set ippool add pool1 
> 10.15.0.1 10.15.4.1 
>         set netflow peer 172.16.0.128 
> 9997 
>         set netflow self 172.16.0.128 
> 9996 
>         set netflow hook 9000

>         set netflow timeouts 60 
> 120

> default: 
>         load pptp_server 
>         load pppoe_server

> pptp_server: 
>         create bundle template B_pptp 
 
>         set iface idle 0 
 
>         set iface enable tcpmssfix 
> proxy-arp netflow-in netflow-out 
>         set ipcp no vjcomp 
 
>         set iface up-script  
>  "/usr/abills/libexec/linkupdown mpd up" 
>         set iface down-script "/usr/abills/libexec/linkupdown 
> mpd down" 
>         set ipcp ranges 172.16.0.128 
> ippool pool1 
>         set ipcp dns 172.16.0.1

>         # The five lines 
> below enable Microsoft Point-to-Point encryption 
>         # (MPPE) using the 
> ng_mppc(8) netgraph node type.
>         set bundle enable compression 
 
>         set ccp yes mppc 
 
>         set mppc yes e40 
 
>         set mppc yes e128 
 
>         set mppc yes stateless

>         create link template L_pptp 
> pptp 
>         set link action bundle 
> B_pptp 
>         set pptp disable windowing 
 
>         # Multilink adds some 
> overhead, but gives full 1500 MTU.
>         set link enable multilink 
 
>         set link yes acfcomp 
> protocomp 
>         set link no pap 
> chap 
>         set link enable chap 
 
>         set link keep-alive 10 
> 60 
>         # We reducing link 
> mtu to avoid GRE packet fragmentation 
>         set link mtu 1460

>         load server_common

> pppoe_server: 
>         create bundle template B_pppoe 
 
>         set iface idle 0 
 
>         set iface enable tcpmssfix 
> proxy-arp netflow-in netflow-out 
>         set ipcp no vjcomp 
 
>         set iface up-script "/usr/local/etc/mpd5/mpd-script.pl 
> up" 
>         set iface down-script "/usr/local/etc/mpd5/mpd-script.pl 
> down" 
>         set ipcp ranges 172.16.0.128 
> ippool pool1 
>         set ipcp dns 172.16.0.1

>         create link template L_pppoe 
> pppoe 
>         set link action bundle 
> B_pppoe 
>         set pppoe acname "bras1" 
 
>         set pppoe iface le0 
 
>         set pppoe service "*"

>         load server_common

> server_common: 
>         set link no pap 
> eap 
>         set link yes chap-md5 
 
>         set link keep-alive 20 
> 60 
>         set link mtu 1492 
 
>         set link enable incoming 
 
>         set link no acfcomp 
> protocomp

>         set auth acct-update 60 
 
>         set auth timeout 21 
 
>         set auth disable internal

>         load radius

> radius: 
>         set radius config /etc/radius.conf 
 
>         set auth acct-update 60 
 
>         set radius retries 3 
 
>         set auth enable radius-auth 
 
>         set auth disable internal 
 
>         set auth enable radius-acct 
 
>         set auth disable internal

> [12:28][dubolom][/home/mike]#cat /etc/rc.conf 
> hostname="dubolom.local" 
> ifconfig_le0="DHCP" 
> keyrate="fast" 
> [some text skipped] 
> mpd_enable="YES" 
> flow_capture_enable="YES" 
> flow_capture_datadir="/usr/abills/var/log/ipn/" 
> flow_capture_port="9997" 
> flow_capture_flags="-S 5 -n 1300 -N 0 -d 5"

> # /etc/crontab - root's crontab for FreeBSD 
> # 
> # $FreeBSD: src/etc/crontab,v 1.32.32.1 2008/11/25 02:59:29 kensmith Exp $ 
> # 
> SHELL=/bin/sh 
> PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin 
> HOME=/var/log 
> [some text skipped] 
> *       *     
>   *       *  
>      *      
>  root    /usr/abills/libexec/traffic2sql 1 flowdir=/usr/abills/var/log/ipn

При общении не допускается: неуважительное отношение к собеседнику, хамство, унизительное обращение, ненормативная лексика, переход на личности, агрессивное поведение, обесценивание собеседника, провоцирование флейма голословными и заведомо ложными заявлениями. Не отвечайте на сообщения, явно нарушающие правила - удаляются не только сами нарушения, но и все ответы на них. Лог модерирования.

Партнёры:

Хостинг:

Закладки на сайте
Проследить за страницей

Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру